Skip to main content
IMHCloud Logo
Back to support home

Creating and Managing Networks in OpenStack Horizon

OpenStack

Virtual networks in OpenStack provide isolated network environments for your cloud infrastructure. This guide walks you through creating, configuring, and managing networks using the Horizon dashboard and command-line interface.

What are OpenStack Networks?

Networks in OpenStack serve as the foundation for instance connectivity. Each network creates an isolated layer-2 broadcast domain, similar to a virtual switch, where instances can communicate with each other and potentially reach external networks through routers.

Network types you'll encounter:

Project Networks (Private):

  • Created within your project scope
  • Isolated from other projects by default
  • Connect to external networks through routers
  • Fully under your control

Shared Networks:

  • Accessible across multiple projects
  • Typically created by administrators
  • Commonly used for common services or external access

External Networks:

  • Provide connectivity to networks outside OpenStack
  • Usually managed by cloud administrators
  • Source of floating IP addresses
  • Gateway for internet access

Understanding when to create new networks helps with workload isolation, security segmentation, and organizing different application tiers (web, application, database).

Creating a Network in Horizon

The network creation wizard guides you through setting up the network, defining a subnet, and configuring IP address management in a single workflow.

Step 1: Access the Network Creation Interface

  1. Log into the OpenStack Horizon dashboard
  2. Navigate to Project > Network > Networks
  3. Click Create Network in the upper right
  4. The network creation wizard opens with three tabs: Network, Subnet, and Subnet Details

Step 2: Configure Network Properties

On the Network tab, define the basic network attributes:

  1. Network Name: Enter a descriptive name (example: "web-tier-network" or "private-network-1")
  2. Enable Admin State: Leave checked to create the network in an active state
  3. Create Subnet: Keep checked to define a subnet during network creation (recommended)
  4. Availability Zone Hints: Leave blank unless you need specific placement (advanced use case)

Admin State Explained: The admin state controls whether the network is operationally active. A network with admin state "UP" can pass traffic. Setting it to "DOWN" disables the network without deleting it, useful for maintenance or testing.

Click Next to proceed to the Subnet tab.

Step 3: Define the Subnet

The Subnet tab configures IP addressing for the network:

  1. Subnet Name: Enter a descriptive name (example: "web-tier-subnet")
  2. Network Address: Specify the CIDR notation for your subnet
  • Common choices: 10.0.1.0/24, 192.168.1.0/24, 172.16.1.0/24
  • Format: network-address/prefix-length
  • The /24 prefix provides 254 usable IP addresses
  1. IP Version: Select IPv4 (most common) or IPv6
  2. Gateway IP: Enter the gateway address or leave blank for automatic assignment
  • Automatic assignment uses the first IP in the range (example: 10.0.1.1 for 10.0.1.0/24)
  • Explicitly specify if you need a different gateway address
  1. Disable Gateway: Check only if this subnet should not have a gateway (isolated network)

CIDR Notation Quick Reference:

  • /24 = 256 addresses (254 usable): 10.0.1.0 to 10.0.1.255
  • /16 = 65,536 addresses: 10.0.0.0 to 10.0.255.255
  • /8 = 16,777,216 addresses: 10.0.0.0 to 10.255.255.255

Click Next to configure advanced subnet settings.

Step 4: Configure Subnet Details

The Subnet Details tab provides additional IP management options:

  1. Enable DHCP: Leave checked to automatically assign IP addresses to instances
  • Recommended for most deployments
  • Instances receive IP addresses when they boot
  • Uncheck only if you plan to use static IP configuration
  1. Allocation Pools: Restrict which IPs DHCP can assign
  • Leave blank to use the entire subnet range (minus gateway)
  • Specify ranges to reserve addresses for static assignment
  • Format: 10.0.1.100,10.0.1.200 (assigns IPs from .100 to .200 only)
  • Use case: Reserve .2-.99 for load balancers, VIPs, or manual assignment
  1. DNS Name Servers: Specify DNS resolvers for instances
  • Enter one DNS server per line
  • Common options: 8.8.8.8, 1.1.1.1, or your internal DNS servers
  • Instances use these servers for hostname resolution
  • Leave blank to use default DNS servers from your cloud configuration
  1. Host Routes: Define static routes for instances (advanced)
  • Format: destination-network,next-hop (example: 192.168.100.0/24,10.0.1.254)
  • Used for routing to networks beyond the default gateway
  • Leave blank unless you have specific routing requirements

Click Create to create the network and subnet together.

Step 5: Verify Network Creation

After clicking Create, you return to the Networks list:

  1. Locate your new network in the table
  2. Verify the following columns:
  • Name: Your network name appears
  • Subnets Associated: Shows your subnet's CIDR
  • Shared: Indicates whether other projects can use this network
  • External: Shows if this is an external network (typically "No" for project networks)
  • Status: Should show "ACTIVE"
  • Admin State: Should show "UP"

Click the network name to view detailed information including associated subnets, ports, and network topology position.

Editing Network Properties

You can modify certain network properties after creation, though some attributes are immutable.

Change Network Name or Admin State

  1. Navigate to Project > Network > Networks
  2. Locate the target network
  3. Click the dropdown arrow in the Actions column
  4. Select Edit Network
  5. Modify the following editable fields:
  • Network Name: Update to a new descriptive name
  • Enable Admin State: Toggle to change the operational state
  • Shared: Check to make the network available to other projects (requires admin privileges)
  1. Click Save Changes

What You Cannot Change:

  • Network UUID
  • VLAN ID or network type (flat, VXLAN, GRE)
  • External network status (requires admin privileges and proper configuration)

The network's core infrastructure attributes are set at creation time and cannot be modified without recreating the network.

Managing Subnets on a Network

Networks can have multiple subnets, useful for IPv4/IPv6 dual-stack configurations or segmenting IP space.

View Subnets

  1. Navigate to Project > Network > Networks
  2. Click the network name
  3. View the Subnets section showing all associated subnets

Add a Subnet to an Existing Network

  1. From the network detail page, click Create Subnet
  2. Follow the same subnet configuration steps described earlier
  3. The new subnet shares the same network infrastructure but uses different IP addressing

Multiple Subnet Use Cases:

  • IPv4 and IPv6 on the same network
  • Different DHCP ranges for different instance types
  • Segmenting a large network into smaller logical blocks

Deleting a Network

Before deleting a network, you must remove all resources that depend on it.

Check for Dependencies

  1. Click the network name to view details
  2. Check the Ports section for attached resources
  3. Note any router interfaces connected to the network's subnets

Resources that block network deletion:

  • Instances with network interfaces attached
  • Router interfaces connected to the network's subnets
  • Load balancers or VPN services using the network
  • Ports created manually or by other services

Remove Dependencies

Detach Router Interfaces:

  1. Navigate to Project > Network > Routers
  2. Click the router name
  3. Select the Interfaces tab
  4. Click Delete Interface for interfaces connected to your network's subnets
  5. Confirm deletion

Delete or Reconfigure Instances:

  1. Navigate to Project > Compute > Instances
  2. Either delete instances using the network, or
  3. Detach the network interface and attach a different network

Delete the Network

After removing all dependencies:

  1. Navigate to Project > Network > Networks
  2. Check the box next to the network you want to delete
  3. Click Delete Networks above the table
  4. Confirm deletion in the dialog

Warning: Deletion is immediate and cannot be undone. Verify you've selected the correct network before confirming.

Understanding Network Status and States

Networks display status information that indicates operational condition:

ACTIVE:

  • Network is created and operational
  • Can accept port attachments
  • Traffic can flow (if admin state is UP)

BUILD:

  • Network creation in progress
  • Temporary state during initial setup
  • Should transition to ACTIVE within seconds

DOWN:

  • Network exists but admin state is disabled
  • No traffic flows even if ports are attached
  • Used for maintenance or testing

ERROR:

  • Network creation or operation failed
  • Check logs or contact administrator
  • Usually requires deletion and recreation

Common Network Configuration Patterns

Single Private Network with External Access

Most basic setup for internet-connected instances:

  1. Create a private network (10.0.1.0/24)
  2. Create a router with external gateway
  3. Connect the private subnet to the router
  4. Launch instances on the private network
  5. Assign floating IPs for external access

Multiple Isolated Networks

Separate different application tiers or environments:

  1. Create web-tier network (10.0.1.0/24)
  2. Create app-tier network (10.0.2.0/24)
  3. Create data-tier network (10.0.3.0/24)
  4. Use router interfaces to control connectivity between tiers
  5. Apply security groups to enforce access policies

Shared External-Only Access

For instances that only need outbound internet access:

  1. Create a private network
  2. Connect to a router with external gateway
  3. Do not assign floating IPs
  4. Instances can reach internet via SNAT on the router
  5. Instances are not reachable from the internet

Creating a Network Using the CLI

The OpenStack command-line client provides scriptable network management for automation and bulk operations.

Prerequisites

Install and configure the OpenStack CLI:

1pip install python-openstackclient

Source your OpenStack RC file to set authentication credentials:

1source openstack-rc.sh

Create a Basic Network

Create a simple private network:

1openstack network create private-network-1

Output shows:

  • Network ID (UUID)
  • Name
  • Admin state
  • Status
  • Shared flag
  • Project ID

Create a Network with Specific Options

Include additional parameters during creation:

1openstack network create \
2  --description "Web tier network for production" \
3  --enable \
4  web-tier-network

Available options:

  • --description "text": Add descriptive text
  • --enable / --disable: Set initial admin state
  • --share / --no-share: Control shared access
  • --project <project-id>: Create in specific project (admin only)
  • --availability-zone-hint <zone>: Request specific placement

Create a Network with Subnet in One Command

Combine network and subnet creation:

1openstack network create private-network-1
2

3openstack subnet create \
4  --network private-network-1 \
5  --subnet-range 10.0.1.0/24 \
6  --gateway 10.0.1.1 \
7  --dns-nameserver 8.8.8.8 \
8  --dns-nameserver 1.1.1.1 \
9  --allocation-pool start=10.0.1.100,end=10.0.1.200 \
10  private-subnet-1

Subnet parameters:

  • --network: Parent network name or ID
  • --subnet-range: CIDR notation
  • --gateway: Gateway IP address
  • --no-gateway: Disable gateway
  • --dns-nameserver: DNS server (repeat for multiple)
  • --allocation-pool: DHCP range (start=IP,end=IP)
  • --dhcp / --no-dhcp: Enable or disable DHCP
  • --host-route: Static route (destination=CIDR,gateway=IP)

Listing and Inspecting Networks

List All Networks

Display all networks visible to your project:

1openstack network list

Output columns:

  • ID
  • Name
  • Subnets
  • Shared status
  • External status
  • Availability zones

Filter Network List

Show only specific networks:

1# Show only your project's networks (not shared)
2openstack network list --project <your-project-id>
3

4# Show external networks only
5openstack network list --external
6

7# Show shared networks
8openstack network list --share

Show Network Details

Get complete information about a specific network:

1openstack network show private-network-1

Detailed output includes:

  • All creation parameters
  • Current status and admin state
  • Associated subnets
  • Port count
  • Network type (VXLAN, VLAN, flat)
  • Segmentation ID (if applicable)
  • Created and updated timestamps

Show Network in JSON Format

For parsing in scripts or tools:

1openstack network show private-network-1 -f json

Parse specific values:

1openstack network show private-network-1 -f json | jq '.id'

Editing Networks via CLI

Change Network Name

Rename an existing network:

1openstack network set --name new-network-name private-network-1

Enable or Disable Admin State

Control network operational state:

1# Disable network
2openstack network set --disable private-network-1
3

4# Re-enable network
5openstack network set --enable private-network-1

Update Network Description

Add or modify descriptive text:

1openstack network set \
2  --description "Updated description for production network" \
3  private-network-1

Make Network Shared (Admin Only)

Allow other projects to use this network:

1openstack network set --share private-network-1

Remove shared access:

1openstack network set --no-share private-network-1

Deleting Networks via CLI

Delete a Network

Remove a network and its associated subnets:

1openstack network delete private-network-1

Important: This command fails if:

  • Ports are still attached
  • Router interfaces are connected
  • Other resources depend on the network

Force Delete with Dependency Removal

Remove router interfaces first:

1# List ports on the network
2openstack port list --network private-network-1
3

4# Remove router interfaces
5openstack router remove subnet <router-name> <subnet-name>
6

7# Delete network
8openstack network delete private-network-1

Delete Multiple Networks

Remove several networks at once:

1openstack network delete network-1 network-2 network-3

Troubleshooting Network Creation Issues

Network Creation Fails

Symptom: Error message during network creation

Common causes:

  • Insufficient quota for networks
  • Invalid CIDR notation in subnet
  • Overlapping IP ranges with existing subnets
  • Permission issues (trying to create shared or external network without admin rights)

Resolution: Check quota usage:

1openstack quota show

Verify CIDR format and non-overlapping ranges with existing networks.

Cannot Delete Network

Symptom: "Network in use" or similar error

Resolution: List all ports on the network:

1openstack port list --network <network-name>

Identify attached resources and remove them before deleting the network.

Network Shows Error State

Symptom: Network status displays ERROR

Resolution: Delete and recreate the network. Check with your cloud administrator if the error persists, as it may indicate infrastructure issues.

Related Resources

For more information on OpenStack networking and network management, see these official resources:

Summary

Creating and managing networks in OpenStack Horizon provides the foundation for your cloud infrastructure networking. The dashboard wizard simplifies network creation by combining network, subnet, and IP configuration in a single workflow, while the CLI offers powerful automation capabilities for scripting and bulk operations.

Start with simple private networks for basic connectivity, then expand to more complex topologies with multiple networks, shared resources, and integration with routers and external networks. Understanding network dependencies and proper deletion procedures ensures smooth operations and prevents orphaned resources.